Cisco Wireless :: 1142 AP - OEAP 602 Can't Connect To WLC / Doesn't Have DTLS Enabled
Jun 17, 2012
Flex 7500
Software Version: 7.2.103.0
I have a Flex 7500 with 200 1142AP's working fine in remote office and local setup. We have since purchased 3 OEAP 602's and looking to distribute to teleworkers.
I have configured the OEAP to point to the NAT'd IP of the WLC, the OEAP does connect and is listed briefly in the WLC wireless listing but I am not able to make any configuration changes, it will then dissassociate and try the join process all over again. I have attached below the OEAP 600 event log. I see that the WLC does not support data DTLS encryption and looking to make this work.
I have tried to install the DTLS license file from the Cisco website, but says license failed to install, with no other errors.
*Jun 18 15:18:43.938: Build version 7.0.112.72 (compiled Feb 3 2012 at 01:56:39, [L]).
*Jun 18 15:18:47.859: CAPWAP State: Init.
*Jun 18 15:18:47.860: CAPWAP State: Discovery.
[Code]....
View 2 Replies
ADVERTISEMENT
Jan 18, 2013
I am setting up office extend with 1142 APs on a 5508 controller. All seems ok and I see my SSIDs on the remote AP. However when I try to connect I don't get a dhcp address and the connection fails. When I look at logs and some debugs I see dtls keepalive failures and the AP is actually disconnecting and re-associating with the controller.
View 24 Replies
View Related
Oct 1, 2011
I have some trouble with the setup of an oeap 600 ap. The ap has joined the controller as it should and the remote-lan connection to my corporate network works well, but i can't connect to the corporate wlan.
When i check the event log on the ap it says:
"
*Oct 02 07:36:56.662: (Re)Assoc-Req from 00:1a:73:d2:82:8c forwarded to WLC, wired: no
*Oct 02 07:36:56.665: received assoc-rsp for wireless client, status=0011
*Oct 02 07:37:11.712: DisAssoc-Req/DeAUTH from 00:1a:73:d2:82:8c forwarded to WLC, wired: no
*Oct 02 07:37:11.713: WTP Event: Delete Mobile sent to wlc00:1a:73:d2:82:8c"
and a debug on the controller gives me:
apfMsConnTask_6: Oct 02 08:52:05.034: 00:1a:73:d2:82:7f Adding mobile
on LWAPP AP ec:c8:82:c2:3a:20(0)
*apfMsConnTask_6: Oct 02 08:52:05.034: 00:1a:73:d2:82:7f Association received from mobile on AP ec:c8:82:c2:3a:20
*apfMsConnTask_6: Oct 02 08:52:05.034: 00:1a:73:d2:82:7f Sending Assoc Response to station on BSSID ec:c8:82:c2:3a:20 (s
tatus 17) ApVapId 1 Slot 0
[code]....
View 3 Replies
View Related
Dec 5, 2011
Wireless doesnt get enabled on pressing fn+F2 key, it turns on for a fraction of a second signified by the sound but it again sounds and turns off.Just cant get it enabled...Is there any other way to turn it on, on my Inspiron 1545?
View 7 Replies
View Related
Jul 5, 2010
We have an AIR-LAP1142N-E-K9 deployed in a H-REAP setup.This AP already got the configuration from the WLC when it was deployed at a remote site.Now we moved it to another site, but it doesn't appear in the WCS and i don't see any CAPWAP debug messages on the WLC.The routing work fine between the AP and the WLC, the AP also gets an IP address from DHCP and also received Option 43 information.
Now my guess was that the AP doesn't associate with the WLC because it has the old config file and it runs in local mode(without trying to connect to the WLC).We want to reset to factory defaults because we want to delete the configuration and force the AP to get a new config from the WCS.I don't know the enable password so i had to use other methods for reseting to factory defaults.
I tried to use the information from here:[URL]I used the "MODE button":I get the following message from the console:
"button pressed for 5 seconds
process_config_recovery: set IP address and config to default 10.0.0.1"
View 24 Replies
View Related
Oct 14, 2012
i have configured cisco LAP1240 in H-Reap Mode for multiple branch offices with Local switching and central authentication. one of the branch's AP does not join the controller in HQ while the others are all ok. i have firewall only in HQ, i did priming first for all APs like let them join the controller and configure controller IP in high availbility, and H-Reap config and assign SSID to map with the branch local vlan. when i faced this issue first time i brought back ap and configure a static IP address for AP than recheck them again but the problem still same. since i have only one firewall in the network and also other branches joined the controller through that firewall and no issues.
View 3 Replies
View Related
Dec 15, 2010
I am running a DIR-825 I believe one of the original's no updates or anything. I run it mixed mode. The 2.4 shows up and I can connect to but the 5 ghz (n) speed says it's enabled but I can never see it when I scan on any of my wireless n products (laptops and other computers). Dlink support told me to change to mixed mode g and n. I was running it in mixed mode (a, g and n). D link told me to change to mixed mode g and n and to make sure they stay on channel 6 and 11. Is this correct. Which firmware should I upgrade to and is there any easy way to do this?
View 4 Replies
View Related
Jun 4, 2013
I've enabled RDP on a laptop, but I can't connect to it. Pinging the laptop works. nmap shows ports open, but not RDP. netstat on the laptop shows nothing listening on 3389. I've also tried rebooting. [code]
View 1 Replies
View Related
Aug 26, 2012
i have a problem using my usb to serial cable connection, i can connect to one router on my work, but i can't connect to AP 1142, (i have tested also con AP 1231).i have a laptop running windows 7 64 bits, before i use a win xp 32 bits, and i didn't have problems.i am using putty, and have installed tera term 4.74 but the same.connection details, 9600, 8, 1, N, N.
View 5 Replies
View Related
Dec 10, 2012
What's wrong with this config ? Clients can see the wireless ssid's but cant connect.
View 1 Replies
View Related
Feb 29, 2012
I have looked through some posts on here of other people having the same trouble, I tried doing the different things suggested and it still is not working.Laptops/desktops can connect to the open SSID perfect, but anything portable such as iPads, Kindles, Phones etc.do not ever get an IP.I'm remotely troubleshooting this issue for a customer and have SSH ability.
View 9 Replies
View Related
Sep 9, 2012
I am tryign to set up an Aironet 1142, I have created a reserrvation in DHCP using the MAC address, and the reservation shows as active, but I cannot connect to the device with my browser.
View 1 Replies
View Related
Dec 25, 2012
I have a WLC 5508 and several 1142 access points. The APs are not showing up in the WLC. When i console into the APs, im getting the following errors,
*Dec 26 23:04:28.035: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 65.125.15.212:5246
*Dec 26 23:04:28.074: %CAPWAP-5-CHANGED: CAPWAP changed state to
[Code]....
Ive tried resetting the WLC, reloading the APs. I even factory defaulted one of the APs and still getting the same message.Ive verified that the WLC is set to accept MICs and SSCs.
View 6 Replies
View Related
Apr 30, 2012
ive recently bought a tcl internet enabled tv. I have tried connecting it to the wireless network and it keeps giving me an error that the "connection failed due to timeout".
View 5 Replies
View Related
Feb 18, 2013
We have cisco 5508 office extend in dmz running code 7.3.112. 1132 AP seems to register and authenticate fine but OEAP 600 series dont seem to authenticate. they seem to join the controller and download the SSID but just wont authenticate ? not even registering on the AAA server
View 9 Replies
View Related
Jul 9, 2012
I created a LAP Template in NCS to configure some new 1142 LAPs that were installed in a remote office. These LAPs need to be in Flex Connect mode with V LAN support. The template is being applied with partial success on every access point. Details of the partial success say the Flex Connect Parameters fail with the following error.
Provision Failure: { URL}.Object Not Found Exception cannot be cast to [URL]
Am I doing something wrong? The Flex Connect portion of the template has V LAN Support enabled, Native V LAN ID, and the Profile Name- V LAN Mappings configured.
Prime NCS version 1.1.1.24 Access Points are AIR-LAP1142N-A-K9s running 7.2.110.0
View 3 Replies
View Related
Aug 20, 2012
I have found that there are only few configuration to the Cisco Aironet 600 OEAP. The settings are just for basic configuration for a wireless network when it is in autonomous mode.
A need for a Wireless LAN Controller to perform advance settings.
Also, there are no firmware available in Cisco. No upgrade/downgrade firmware avalaible for download.
View 4 Replies
View Related
May 20, 2013
Here's the list of equipments:
Pool of oeap 600 aps
1x 2504WLC as OEAP WLC (@DMZ)
1x ASA 5515
Scenario:
My OEAP WLC located at ASA - DMZ is NATted to a public ip (primary internet ISP), then my pool of OEAP-600 were configured to communicate with this OEAP WLC.
My question is:
I want to automate the failover of OEAP-600 (I don't know if this is possible) to the secondary internet ISP whenever the primary internet ISP fails. The secondary ISP is terminated on the same ASA 5515-X doing PBR and IP SLA stuff.
I know that OEAP 600 can only be pointed to one WLC ip address I know that the WLC can only be NATted to one public IP address.
What would be the best solution to perform the OEAP backup connectivity? Or just buy another set of WLC/ASA then just manually configure the OEAP-600 APs to point to the secondary ISP.
View 6 Replies
View Related
Sep 23, 2012
I have a customer looking to deploy OEAP & wants to know if it possible to disable the local ports 1-3? Reason being, they don't want the home user connecting devices & causing more support tickets to troubleshoot an Xbox or Google TV just b/c it's connected to a company provide AP/Switch. I have read all the docs & it makes no mention of this.... I can see in 7.2 the ability to disable the local SSID but no mention of the ability to shutdown ports 1-3..Also see support in 7.2 for Dual RLAN... but that still leaves 2 local ports.
View 5 Replies
View Related
Apr 17, 2012
Possible to assign reslient WLCs to an OEAP 600?
The web GUI of the OEAP itself only has a single field to enter the address of a single controller.
But, I wonder if once the OEAP is talking to your WLC across the Internet, you can allocate HA settings to the OEAP so that it can fall back to a secondary WLC if your main WLC fails.
This is sort of hinted at in the docs I have read, but I have not been able to find it explicitly stated anywhere.
It would be nice to have 2 DMZ-based WLCs at two different data centres to allow remote users to have a fail-over solution, but I need to be sure that this is supported before implementing.
View 7 Replies
View Related
Mar 7, 2013
I have a TAC case open, but it doesn't seem to be making any progress.I upgraded my 5508 controller from 7.2.111.3 up to 7.4.100.0..Most of my APs are fine. 3500s, 1100s etc.except for 602i APs. The APs associate, they update software etc, but they won't broadcast the WLAN.An interesting thing, on the 602 AP, in the log, I see this:*Mar 06 15:08:12.667: SSID remote, WLAN Profile Name: RemoteOEAP, added to the slot[0], disabled..So the AP is definately talking to the WLC and being pushed the correct WLAN profile.On the controller, the AP shows the the Admin status of the radios is showing DOWN, but the Admin status on the AP itself shows UP
I've done a factory reset on the APs to no avail. I have a 2504 WLC as well that i'm in the process of implementing in a DMZ specificially for these APs, and for testing purposes, I associated the 602 Ap to that WLC as well. This one is running 7.4.100.0 too, same results. It would appear to be a problem with this version of software?
View 6 Replies
View Related
Sep 12, 2011
Only fifteen users are allowed to connect on the WLAN Controller WLANs provided on the 600 series at any one time. A sixteenth user cannot authenticate until one of the first clients de-authenticates or a timeout occurred on the controller. Note: This number is cumulative across the controller WLANs on the 600 series. For example, if two controller WLANs are configured and there are fifteen users on one of the WLANs, no users will be able to join the other WLAN on the 600 series at that time. This limit does not apply to the local private WLANs that the end user configures on the 600 series designed for personal use and clients connected on these private WLANs or on the wired ports do not affect these limits. This is from the Configuration Guide for teh 600 series Office Extend AP. Is this count per AP or total per WLC? If I have 10 APs deployed to our remote users, can each AP support two simultaneous users? Would I need to use separate WLANs for each OEAP?
View 8 Replies
View Related
Mar 17, 2012
I've got a strange problem here. In the office, my OEAP 600 can join WLC if there is no MAC authentication. When i enable MAC authentication at WLC, AP will fail to register. However, I try it at home and it works with both MAC authentication enable or disable. I suspect it is because of firewall in my office, but there shouldn't have any different in discovery and joining procedure for AP with MAC authentication enable or disable.
View 18 Replies
View Related
May 21, 2012
I have established dual-rlans on different segments.I have a 2960g switch. I created vl2 (management) and vl3 (data).I connected rlan1 (port4) to vl2 and rlan2 (port3) to vl3.My laptop receives a dhcp address on vl3 and the switch (in dhcp mode) receives it's proper address on vl2.Unfortunately a MAC is assigned to each vl and to the management interface. Thats 3 out of the 2 sets of 4.
So a managed switch is NOT the desired device to have on the back side of an OEAP600.In any case doing a show mac address-table revealed that all the vl2 MAC addresses were duplicated on vl3.To the tune of 216 addresses. 108 in each vlan. Which is a close match to the current host counts for each segment 98 + 18.Obviously this application is not what was envisioned by the OEAP team during work-up.The goal of 4 host devices on the rlan is proving difficult to achieve.The client wants 2 pc's and 2 digi-port servers.
View 1 Replies
View Related
Dec 9, 2012
Does the AP is able to configure 2 public ip address of the DMZ-WLCs?
like ip 1.1.1.1 in my US data center, whereas a second ip 2.2.2.2 in my EU data center?
View 5 Replies
View Related
Jan 12, 2011
I have just upgraded one of our 4400 to 7.0.98.0. Most of the AP re-registered with out issues. I have two AIR-LAP1142N-E-K9 on a remote site that will not re-register.I have pointed them to another 2125 WLC (7.0.98.0) and they register fine. Point them to yet another 4400 (7.0.98.0) I get the same issue.I am getting this error when the register on the 4400s.*Jan 11 14:39:24.000: %CAPWAP-3-ERRORLOG: Selected MWAR 'abzewwlc'(index 1).*Jan 11 14:39:24.000: %CAPWAP-3-ERRORLOG: Go join a capwap controller *Jan 11 07:05:55.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 144.46.211.5 peer_port: 5246*Jan 11 07:06:55.000: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 144.46.211.5:5246 I suspect it may be as they both have In the client config.Then again maybe not.Configured Switch 1 Addr 158.139.177.203Configured Switch 2 Addr 144.46.214.25
Question 1 if I do a "clear config except static IP" will I still be able to telnet tp them or will they default to no telnet no ssh ?
Question 2 any idea how to get past this DTLS error ?
View 4 Replies
View Related
Apr 4, 2012
I have an ASA 5510 running 8.2.2 code with 30 VPN Phones connected. Of the 30 phones, I have 5 that do not negotiate DTLS and I'm having quality issues with these phones. I've checked the login process and I don't see any errors when these phone connect, they just don't even attempt DTLS. All the phones use the same VPN configuration.
View 4 Replies
View Related
Sep 17, 2012
My work laptop uses a Cisco AnyConnect VPN Client (Software Version 2.5.2006). The connection protocol is DTLS.I recently upgraded to a Cisco RV180 at home at it is running the latest software version (1.0.1.9).
Since the RV180 went into service the work laptop will connect intermittantly. Usually email works but web browsing and and other services do not. It is slight strange behaviour- and seems to defy what a VPN should do......
The behaviour is very repeatable. For example from the customers office the laptop connects perfectly via VPN and if I swap back to an older inferior make of router at home VPN also works normal without changes to the laptop configuration.
I work for a large company (70,000+ employees) and we use "standard" builds so altering the laptop configuration is not really an option.
It seems to me that the RV180 doesn't support the DLTS VPN connection (indeed DLTS passthrough isn't an option in the VPN passthrough list) and is possibly blocking some incoming packets on the WAN interface.
I haven't yet tried a firewall rule to allow a DLTS (or UDP perhaps?) connection back in from the WAN side (obviously from just the IPs at my work end) but this is the only option I can think of to make this machine connect "correctly".
View 3 Replies
View Related
Nov 25, 2012
I've been labbing on my asa5505 at home, setting up different VPN solutions for testing purposes. However, I can't get my anyconnect client to establish a DTLS tunnel when connecting (anyconnect only shows tls, and does not display any errors about not connecting with dtls)I have set dtls port to 444 and this port is open on the other side.
View 2 Replies
View Related
Feb 21, 2011
WLC 5508 running 7.0.98.0
Site was running fine until the WLC had a hardware failure.
A new WLC was shipped out, was running 6.0.99 then manually upgraded to 7.0.98. Clients cannot authenticatewith recurrent logs messages like this.
*dot1xMsgTask: Feb 23 17:05:03.648: %DOT1X-3-MAX_EAP_RETRIES: 1x_auth_pae.c:2914 Max EAP identity request retries (3) exceeded for client 00:21:5c:<snip>*spamApTask0: Feb 23 17:05:01.926: %DTLS-3-HANDSHAKE_FAILURE: openssl_dtls.c:629 Failed to complete DTLS handshake with peer 192.168.214.91
I have tried changing the key on the radius server to no avail.
View 4 Replies
View Related
Mar 6, 2013
I am using my neighbor's WiFi connection in my WiFi enabled motherboard PC with good signal strength. Now i want to connect a router to my PC so that i can easily use WiFi for my mobiles.
View 4 Replies
View Related
Apr 16, 2013
I have an iPad 4 (6.1.3) that won't connect to our Cisco 1142 APs. Full Cisco network; 3560 POE switches on edge and Cisco 6509 at the core.At first we looked at it as a wireless issue. No settings changes on the APs would allow the iPad connect. About 125 other iPads of various models worked fine. Took the offending iPad to McDonalds and it connects fine. Took the offending iPad to another school in our District and it connected and worked fine. Went back to the home school, still won't connect. Contacted Apple since iPad was under warranty, sent it to them and they ran diagnostics and it is fine.Is there anyway that the core switch is blocking the iPad client?
View 1 Replies
View Related
Sep 20, 2011
I have just bought a Wansview NC541W IP Camera to monitor my home while I am at work (my home was burgled recently) and I have no idea how to connect it to my broadband router wirelessly. I went onto the network settings of the Camera and set up the wireless setting to connect to my router network (typed in the SSID and wireless pass key etc) but nothings happening?!? I can connect the two devices with an Ethernet cable and have the camera working perfectly, but can't do it wirelessly!
View 1 Replies
View Related